Patching vulnerabilities is too labor intensive and convoluted a process for most IT security professionals, according to new research by Ivanti.
The Utah-based software company surveyed over 500 enterprise IT and security professionals across North America, Europe, the Middle East, and Africa about their patch management challenges.
Nearly three-quarters of respondents (71%) found patching to be "overly complex, cumbersome, and time consuming," with more than half (54%) saying that remote work has increased the intricacy and scale of patch management.
Despite the Equifax breach and WannaCry ransomware both involving the exploitation of unpatched vulnerabilities, 62% of IT pros said that other tasks often take priority over patching.
Patching was reported to have an impact upon productivity, with more than half (60%) of respondents saying that the process disrupts the workflow of users.
Receiving orders from line-of-business owners once a quarter to skip or delay patching to avoid system shutdowns was reported by 61% of IT and security professionals.
“These results come at a time when IT and security teams are dealing with the challenges of the Everywhere Workplace, in which workforces are more distributed than ever before, and ransomware attacks are intensifying and impacting economies and governments," said Srinivas Mukkamala, senior vice president of security products at Ivanti.
"Most organizations do not have the bandwidth or resources to map active threats, such as those tied to ransomware, with the vulnerabilities they exploit."
The research comes as Untangle's fourth annual SMB IT Security Report, based on a global survey of 740 small-to-medium businesses conducted in August, found that 80% of SMBs feel more secure now than they did last year.
Most companies surveyed (71%) named finding and fixing vulnerabilities as their most important security priority. More than half (64%) said breaches were their top security concern.
To protect their business, most companies surveyed (73%) employ firewalls and more than half (62%) use antivirus/anti-malware protection.
“With a changing workplace landscape, and a continued rise in cyberattacks, SMBs have shifted their mindset from ‘it can’t happen to me’ to taking security threats seriously,” said Untangle CEO Scott Devens.